<cfset isloggedin = 'No'>
<!---if none of the variables are found they need to go to the login form--->
<cfif NOT isdefined('form.account_username')>
  <cfif NOT isdefined('cookie.account_username')>
    <cfoutput>
    <script language="JavaScript" type="text/javascript">
            <!--
            window.location.replace("#request.absolutepath#index.cfm?c=account_login");
            -->	
          </script>
    </cfoutput>
    <cfabort>
  </cfif>
</cfif>
<!---If the login form was used, check the username and Password entered--->
<cfif isdefined('form.account_username')>
	<!---form cleaner--->
    <!---
    <cfinvoke component="cfcs.common.cleaner" method="cleanforminput" fields="#form#" returnvariable="cleanfields" /> 
    <cfloop collection="#cleanfields#" item="var">
        <cfset "form.#var#" = #evaluate('cleanfields.' & var)#>
        <cfset "#var#" = #evaluate('cleanfields.' & var)#>
    </cfloop>
	---->

  <cfif len(trim(form.account_username)) LT 1 OR len(trim(form.account_username)) LT 1>
    <cfoutput>
    <script language="JavaScript" type="text/javascript">
        <!--
        window.location.replace("#request.absolutepath#index.cfm?c=account_login&login_failed=true&error_msg=Invalid Username or Password");
        -->	
        </script>
    </cfoutput>
  </cfif>
  <cfif NOT isdefined('form.keep_loggedin')>
    <cfcookie name="account_username" value="#form.account_username#" expires="1">
    <cfcookie name="account_password" value="#form.account_password#" expires="1">
    <cfcookie name="account_isloggedin" value="0" expires="1">
    <cfelse>
    <cfcookie name="account_username" expires = "NEVER" value="#form.account_username#">
    <cfcookie name="account_password" expires = "NEVER" value="#form.account_password#">
    <cfcookie name="account_isloggedin" value="0" expires="NEVER">
  </cfif>
</cfif>
<cfif NOT isdefined('cookie.account_username') OR NOT isdefined('cookie.account_username')>
  <cfoutput>
  <script language="JavaScript" type="text/javascript">
		<!--
		window.location.replace("#request.absolutepath#index.cfm?c=account_login");
		-->	
	  </script>
  </cfoutput>
  <!---cookies exist so run one of the following login checks--->
  <cfelse>
  <!---if they are empty then login fails--->
  <cfif len(trim(cookie.account_username)) LT 1 OR len(trim(cookie.account_username)) LT 1>
    <CFCOOKIE name="account_username" expires="NOW" Value="None">
    <CFCOOKIE name="account_password" expires="NOW" Value="None">
    <CFCOOKIE name="account_id" expires="NOW" Value="None">
    <CFCOOKIE name="account_isloggedin" expires="NOW" Value="None">
    <cfoutput>
    <script language="JavaScript" type="text/javascript">
        <!--
        window.location.replace("#request.absolutepath#index.cfm?c=account_login&login_failed=true&error_msg=Invalid Username or Password");
        -->	
        </script>
    </cfoutput>
  </cfif>
  <cfinvoke component="cfcs.common.encryption" method="encryptstring" textstring="#cookie.account_password#" returnvariable="enc_password">
  <cfif cookie.account_isloggedin IS 0>
    <cfquery name ="qaccount" datasource = "#request.dsn#">
            SELECT * FROM core_accounts 
            WHERE username = <cfqueryparam value="#cookie.account_username#" cfsqltype="cf_sql_varchar"> 
            AND pword = <cfqueryparam value="#enc_password#" cfsqltype="cf_sql_varchar">
            OR email = <cfqueryparam value="#cookie.account_username#" cfsqltype="cf_sql_varchar"> 
            AND pword = <cfqueryparam value="#enc_password#" cfsqltype="cf_sql_varchar">
        </cfquery>
    <cfif #qaccount.recordcount# IS 0>
      <CFCOOKIE name="account_username" expires="NOW" Value="None">
      <CFCOOKIE name="account_password" expires="NOW" Value="None">
      <CFCOOKIE name="account_id" expires="NOW" Value="None">
      <CFCOOKIE name="account_isloggedin" expires="NOW" Value="0">
      <!---since it doesn't match any then redirect--->
      <cfoutput>
<script language="JavaScript" type="text/javascript">
			<!--
			window.location.replace("#request.absolutepath#index.cfm?c=account_login&login_failed=true&error_msg=Invalid Username or Password");
			-->	
		  </script>
      </cfoutput>
      <cfabort>
    </cfif>
    <!---end if user/password not matching--->
    <cfoutput query="qaccount">
    <cfcookie name="account_id" value="#aid#" expires="NEVER">
    </cfoutput>
    <CFCOOKIE name="account_isloggedin" expires="NEVER" Value="1">
    <cfelse>
    <!---if cookie.isloggedin is not 0 then it will be set to 1 when they first login so...--->
    <!---To prevent cookie tampering we make sure that id in the cookie.account_id matches what is in the db for this user--->
    <cfquery name = "qSecurityCheck" datasource="#request.dsn#">
        SELECT * FROM core_accounts 
        WHERE UserName = <cfqueryparam value="#cookie.account_username#" cfsqltype="cf_sql_varchar">
        AND pword = <cfqueryparam value="#enc_password#" cfsqltype="cf_sql_varchar">
        AND aid =  <cfqueryparam value="#cookie.account_id#" cfsqltype="cf_sql_integer">
        OR email = <cfqueryparam value="#cookie.account_username#" cfsqltype="cf_sql_varchar">
        AND pword = <cfqueryparam value="#enc_password#" cfsqltype="cf_sql_varchar">
        AND aid =  <cfqueryparam value="#cookie.account_id#" cfsqltype="cf_sql_integer">
        </cfquery>
    <cfif qSecurityCheck.recordcount IS 0>
      <CFCOOKIE name="account_username" expires="NOW" Value="None">
      <CFCOOKIE name="account_password" expires="NOW" Value="None">
      <CFCOOKIE name="account_id" expires="NOW" Value="0">
      <CFCOOKIE name="account_isloggedin" expires="NOW" Value="0">
      <!---since it doesn't match any then redirect--->
      <cfoutput>
      <script language="JavaScript" type="text/javascript">
                        <!--
                        window.location.replace("#request.absolutepath#index.cfm?c=account_login&login_failed=true&error_msg=User Authentication Error");
                        -->	
                      </script>
      </cfoutput>
      <cfabort>
    </cfif>
  </cfif>
</cfif>